<?php
//$db_host = 'hpcc.hut.edu.vn'; // don't forget to change
//$db_user = 'beowulf';
//$db_pwd = 'hpc1share';

//$database = 'beowulf';
//$table = 'vietnbk52_tiles';

$db_host = 'localhost'; // don't forget to change
$db_user = 'root';
$db_pwd = '';

$database = 'atlas';
$table = 'tiles';
// use the same name as SQL table

// simple upload restriction,
// to disallow uploading to everyone


if (!mysql_connect($db_host, $db_user, $db_pwd))
die("Can't connect to database");

if (!mysql_select_db($database))
die("Can't select database");

// This function makes usage of
// $_GET, $_POST, etc... variables
// completly safe in SQL queries
function sql_safe($s)
{
	if (get_magic_quotes_gpc())
	$s = stripslashes($s);

	return mysql_real_escape_string($s);
}

// If user pressed submit in one of the forms
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
	
}
elseif (isset($_GET['x']) & isset($_GET['y']) & isset($_GET['z']))
{
	$x = intval($_GET['x']);
	$y = intval($_GET['y']);
	$z = intval($_GET['z']);

	$result = mysql_query("SELECT image
                            FROM {$table}
                            WHERE x=$x AND y=$y AND z=$z");

	if (mysql_num_rows($result) == 0)
	die('no image');

	list($data) = mysql_fetch_row($result);

	// outputing HTTP headers
	header('Content-Length: '.strlen($data));
	header("Content-type: image/png");

	// outputing image
	echo $data;
	exit();
}
?>